Posted
by
CmdrTaco
on Wednesday April 27, 2011 @09:15AM
from the hype-of-the-month dept.

wiredmikey writes "[Apple] said that over the next few weeks it would release a software update for iOS that would reduce the size of the crowd-sourced Wi-Fi hotspot and cell tower database cached on the iPhone, cease backing up the cache, and delete the cache entirely when Location Services is turned off. Additionally, Apple said that in the next major iOS software release the cache would be encrypted on the iPhone, though a timeline for that was not provided."

Not erasing the old logs doesn't seem like a bug.. it would've been caught by a single test case. It seems to be a design decision to cache locations to speed up look ups the next time, so would've been considered a feature. Not encrypting the data, on the other hand, seems to be a genuine oversight. But no wonder they want to call everything a bug, what with the government breathing down their neck with Congressional hearings.

Almost all bugs would be caught by a single testcase if you thought about writing it. Most often the problem is that nobody concerned the scenario and though to write a testcase. While it could be mailicious, it could also be just an accident.

Not if the bug is in the requirements. You can't test for something if there is no requirement for it. One of the biggest failures of how agile/XP methodologies are implemented, they skimp on the requirements documentation.

I don't know that I agree with this. I've worked building software for more than 15 years and I can tell you that the likelihood of somebody accurately capturing something like this in a requirements document is very close to zero. After all, this isn't a feature we're talking about, it's an implementation detail of a performance optimization. The requirement would likely be something like

"Must be able to detect a location within 0.2s if wifi is active or can locate at least 3 cell tower ids"

the rest is how the programmer chose to make it work. If you are creating requirements to the level of detail needed to fully specify purge behavior of a cache database, you're never going to finish your requirements document.

This log file has been a known issue for at least 6 months. I'll give Apple credit and say that never purging the contents of the file is a bug, but they have know about the problem and did nothing to correct it.

They probably did nothing about it because it didn't seem like a big deal to them. You want an example of a security issue which has real world impact on tens of thousands of users? Insert latest credit card database theft news here. There seems to be at least one every few months, I think the latest was Sony.

By contrast, a phone which logs the locations of cell towers that it's been near causes next to no real harm to its users. The uproar has been essentially emotional: "ZOMG I'm being TRACKED!!!!", e

Not erasing the old logs doesn't seem like a bug.. it would've been caught by a single test case.

You only put tests in for problems you think of. Deleting the log file altogether when you turn off location services, is a problem they simply didn't think about. If you think about it the guys writing that part of the code probably assumed that since the file was cached it would be truncated so leaving it around wouldn't matter...

The rest of the time you aren't deleting the file, instead you are periodically truncating it - something beyond a single test case, and requiring a long period of time to elapse. That part seems also like it could easily be oversight.

To my mind they probably just thought keeping a record of cell towers was not a big deal, because it was not an exact location log... although just from a performance aspect you'd think they would not want that file growing too large.

I'm guessing the "sending the list of nearby cell towers and wifi APs(in a totally-you-guys-can-trust-us-that's-why-we-didn't-bother-to-tell-you) 'anonymized and encrypted' form back to Apple so that they can build their 'crowdsourced database'" behavior was not just a bug...

Maintaining a local cache of recent location references is a common trick to speed up GPS fixes(even dedicated GPS chips commonly have a sliver of cap-backed RAM for the purpose); but the silently sending those data to Apple bit is p

This file... Apparently, the timestamped location log database file was a locally-generated composite of RF signals the phone received, and nearby locations that were provided from Apple's database(Requests for which, of course, would in no way inform Apple of the user's location at a given time...). That particular file doesn't seem to have been sent back, in large part because much of it would be redundant.

However, particularly in points 3(linked above) and 8(following) of their apologia, they admit to collecting location data in a previously undisclosed way.

"8. What other location data is Apple collecting from the iPhone besides crowd-sourced Wi-Fi hotspot and cell tower data?
Apple is now collecting anonymous traffic data to build a crowd-sourced traffic database with the goal of providing iPhone users an improved traffic service in the next couple of years."

It takes a pretty large amount of cognitive disassociation to rationalize that "This data is sent to Apple" as stated in Apples point number 5 means that the data isn't sent to Apple.

Apples response is a full and complete admission that they are spying on iPhone users. Sure they are using New-Speak to try and make it sound double plus good, but that doesn't change the fact that they are spying.

"3. Why is my iPhone logging my location?
The iPhone is not logging your location. Rather, it’s maintaining a database of Wi-Fi hotspots and cell towers around your current location, some of which may be located more than one hundred miles away from your iPhone, to help your iPhone rapidly and accurately calculate its location when requested. Calculating a phone’s location using just GPS satellite data can take up to several minutes. iPhone can reduce this time to just a few seconds by using Wi-Fi hotspot and cell tower data to quickly find GPS satellites, and even triangulate its location using just Wi-Fi hotspot and cell tower data when GPS is not available (such as indoors or in basements). These calculations are performed live on the iPhone using a crowd-sourced database of Wi-Fi hotspot and cell tower data that is generated by tens of millions of iPhones sending the geo-tagged locations of nearby Wi-Fi hotspots and cell towers in an anonymous and encrypted form to Apple."

Pay attention now, that's a different set of data. On one hand we have the "consolidated.db" file which Apple now has stated is a sub-set of the full database of network access points they have. On the other hand we have data of new network access points (or updated data of old ones) that is collected by the phone and sent anonymously to Apple.

Why would Apple send themselves a file that they sent you in the first place?

Moreover, they are not sending this data back silently. A year ago they explained in d

Not necessarily a bug... it could have been a simple oversight. Just look at everything that's in/var/log on a vanilla UNIX/Linux installation. Unless you go in to your configurations and specifically dial things down, there's quite a lot in there that some nefarious party could exploit to get a very good idea of what you're doing on that box.

Apple: We didn't see anything wrong with the previous implementation, but it seems that our customers do. We'll take steps to make sure that our implementation is in-line with what our customers desire.

Apple: We didn't see anything wrong with the previous implementation, but it seems that our customers do. We'll begin encrypting the information so our customers have no idea what we are doing or what data we are storing. Maybe then they will go back to sleep until it's time to pony up for the next version of hardware.

Apple: A relatively insignificant bug made it through QA, and now that it's been found we're going to fix it in the next update. While we're at it, here's what the facts are, what we do do and collect, and what we use it for - and how it's anonymized before we see.

Fixing a bug is at least an admission that it was a problem that needed fixing.

Since Apple/Google comparisons are all the rage, might I cast your mind back to the Street View / unsecured WiFi debacle. Google didn't do anything intentionally wrong (that anyone can tell)- instead they cocked up and ended up doing something they shouldn't have done, and have been dragged over the coals for it in various jurisdictions ever since. Negligence can still get you punished.

How do you suppose the phone company knows what cell you're in, so they can route calls to your phone? How do you suppose they get their E911 data?

As long as you have the thing powered on, the phone company know where you are. And if the police want to know, they won't go to your house, hack your computer, and read the log backup. They'll just go to the phone company with a subpoena.

This whole controversy was much ado about nothing. The only thing that was different was that the user had access to the data that "the man" had all along.

How do you suppose the phone company knows what cell you're in, so they can route calls to your phone? How do you suppose they get their E911 data?

As long as you have the thing powered on, the phone company know where you are. And if the police want to know, they won't go to your house, hack your computer, and read the log backup. They'll just go to the phone company with a subpoena.

This whole controversy was much ado about nothing. The only thing that was different was that the user had access to the data that "the man" had all along.

Yes because the only people who would be interested in this data are those that already posses a legal method of obtaining it...

Yes because the only people who would be interested in this data are those that already posses a legal method of obtaining it...

If you are worried about those that do not posses legal method to access that data - you should really encrypt your data. The log can only be accessed from you home computer or you mobile phone directly (after hacking it) - if somebody you don't like has unrestricted/uncontrolled access to any of those, there is a lot more stuff you need to be worried about.

There is of course the Private Investigator case hired by your wife that could be borderline possible. In real life, that would be far easier for the PI to stick a GPS tracker under your car and that would give him more precise, more discreet data collection service.

Leave the police and the courts out of the equation for a moment (as we have to assume, these days, that the state is omnipotent in any case).

This whole controversy sprung up because some well-meaning developer released an app that could access the data. By extension, we could assume that all iOS developers- including malware developers- could work a similar trick, to less innocent ends. Malware/adware/spyware developers couldn't subpoena your details from your provider; this is the only method by which they could access this sort of data.

As such, you can look at it as a pretty big security hole that needn't exist.

As I understand it, iOS apps can't access it because they're sandboxed off from the system. The file is accessed in the phone backups on the computer. So the moral is don't run untrustworthy software on your computer, unless you're alright with it doing things you don't like.

It does make it harder for someone to know where you have BEEN though. It's not about tracking the phone "now" as much as where it has been. Such data could be used by law enforcement or jealous spouses as evidence against you. It could also be used by a stalker. And while I haven't given it much thought, I am quite certain there are dozens of other possible uses of this data that would not be good.

Knowing a history of where you've been is key to determining where you might be going in the future.

I had to tell one of my daughters to turn off the GPS location update on her pedometer app because she was posting her jogging path/times on facebook. She didn't know the feature was turned on, and scrambled to delete the details from her facebook account. I didn't need to explain the dangers to her, but I'll explain it here.

With knowledge of her jogging path and the approximate times she normally runs, kid

Thieves are everywhere and nowhere. Most women keep their phones in their purses and they tend to leave those things laying around all the time and they don't have locks on them. And for that matter, I sometimes leave my phone on charger at my desk and walk away -- not smart, but we aren't always thinking of those things when other stuff is on our mind.

I liked Crudely's response above -- I hadn't really thought about how a stalker would use history data -- but there you go -- it's quite obvious and in one

Dollars to donuts the people bitching the loudest about this check in to FourSquare 72 times a day, tweet 245 times, and update their Facebook status with what they're doing and where at least every hour.

In this case, it is quite easy to imagine that this was merely an oversight on Apple's part.

Log files are useful forensic data. All log files have time stamps, otherwise they would be less useful. And when making a log file, date/time information is standard data to include.

Why is this easy to accept as an oversight on Apple's part? Well, as a person with a programming background, I can't imagine writing a log file any other way. But not being 110% security conscious is not the same thing as "tracking u

If you are driving down the highway you change locations quite a lot in a minute. Knowing a rough rate of travel because of locations of previous data collected over time, you could easily see the iPhone not trusting data even a minute old if it could extrapolate you were recently traveling at high speeds from the other data - or it might tweak location results to give you a location centered around where it thought you might be.

... so that it can tell which particular towers & wi-fi hotspots you've seen most recently?

The point of the database is to help the iPhone determine its own location more quickly. Having a list of a thousand map coordinates that the iPhone has seen "in the last year, sometime," does very little to facilitate that unless the iPhone can also know which ones it has been in range of recently.

Well, how about the fact that people often travel more than a few hundred yards in a single day or a single week?

Maybe you're a shut-in, I don't know. But I am pretty sure that people who travel frequently wouldn't appreciate the "excellent location services" that could be offered by an iPhone that always thinks you're in the same place you were yesterday, or last week, and takes a few minutes to locate you every time you move more than a few miles. Seems to sort of defeat the purpose of having a cache in

Ok, just pretending that's true, do you need the exact time a month ago? Can't there be a fade-out or something? Yes this is more work, but apparently it takes more work to make a cache not be a log. If you indiscriminately record all information, that would be a gross breach of privacy, regardless of how inconvenient it would be for the programmers to do something else. This is an example of the same kind of thing. The information can be used to track a user. That's something Apple is expected to avo

So apple's going to encrypt the location cache on a phone that is otherwise locked, where other people generally don't have access to it other than the device itself, and lower the battery to deal with encryption routines all because people are idiots?

So apple's going to encrypt the location cache on a phone that is otherwise locked, where other people generally don't have access to it other than the device itself, and lower the battery to deal with encryption routines all because people are idiots?

The worst part is the encrypted data will almost certainly have a universal "law enforcement" backdoor, or just the same key for all devices which happens to be shared with law enforcement and the underworld in general. Once that leaks, its wide open to everyone but the owners.

The purpose of the encryption is to prevent a rogue app from mining that data.

1) So no one should encrypt private information if it is only kept on the device itself? So no need to encrypt your bank account files or password lists? No need to lock the doors to your house either.2) This will not affect the battery life. Encryption is not that heavy.

Sounds like Apple is taking steps to improve their system and give the paranoid users a easy opt out. Now the question is what are the other phone manufactures doing with their location systems? Especially those who log your data to the cloud?

Sounds like Apple is taking steps to improve their system and give the paranoid users a easy opt out. Now the question is what are the other phone manufactures doing with their location systems? Especially those who log your data to the cloud?

That's a good point. Given their relatively short response and turn-around time on this, I'm wondering if Apple sees the possibility here for turning a negative situation into a positive. Don't get me wrong - I think Apple (and other vendors) should've been doing this from the get-go - but it will be interesting to see (for example) how Google responds, given that their business model is to own as much data about you as possible.

My wife and I have 2g and 3g iPhones. Apple began blocking the installation of higher iOS systems at the end of the 3.1.3 and 4.2.2 lines, respectively. Since this is a global liability, will Apple update these old phones as well? Or do they remain an outstanding liability?

Just a wild, unscientific guess, but I'd say it's because linking to Apple's press release directly means that SecurityWeek doesn't get ad impressions from the slashdotting. The link goes to a SecurityWeek Article by Mike Lennon; TFS submitted by "wiredmikey," whose profile identifies him as "SecurityWeek Editor", and links to SecurityWeek.

A perfectly sane feature has now been curtailed effectively by public outcry against perceived violation of privacy. While I agree that it is a good thing the stuff now gets encrypted locally (yay, more encryption of sensitive information!) the grand result is nearly nothing. The way this thing worked was by having a cache of locations stored locally and for those who worry about invasion of privacy this turn of events doesn't change anything - if Big Brother wants to know where you are and where you've been, he need do nothing more than to store where you connect from on his side - something he has always been able to do.

What about people who are grabbed by their government? Now there Phone can be checked for locations and those location will be at risk whether or not they aided the dissenter.

So people in areas where there is an oppressive government, or a current uprise against the government, this is a very important issue. Know what cell tower you connected to is one thing, know the exact block or store you where in is another.

What about people who are grabbed by their government? Now there Phone can be checked for locations and those location will be at risk whether or not they aided the dissenter....Know what cell tower you connected to is one thing, know the exact block or store you where in is another.

That's the thing though, it was NOT storing accurate location data. It's cell tower and some WiFi data, generally information you cannot use to tell you were at a specific house or even possibly neighborhood... think 1/4 to 1/2 mile radius, possibly a block but not a store.

I don't think that people who are worried about their privacy are concerned about being tracked via their cell phone. What privacy advocates are concerned about is the erosion of due process.

Having tracking information on a local device opens the potential for more risk (theft) and abuse (rogue law enforcement). There shouldn't be any reason why any police officer can get that information simply for pulling you over.

This is very simple to understand. No human being should be entitled to your tracking

> A perfectly sane feature has now been curtailed effectively by public outcry against perceived violation of privacy.

Not local. The file was copied to any machine that syncs the device. In the case of corporate iPhones and iPads, it means your off-duty location track is sitting on a company owned system. On a corporate phone, it's not clear who owns that database, but in reality it's catch-me-if-you-can. Yes, I'd say that I "perceive" that to be a privacy violation.

Why is this perfectly sane? You only need my last couple hours worth of data for all the mapping functions. You don't need to cache every location since the day I booted the phone.

The grand result isn't nothing. Sure AT&T and Verizon know what towers you're on but thats not the same as storing your GPS location and now malicious apps can't read that data at all because its not there.

"Your honor, as you can see from these screenshots I ran the WifeSnoop app on our home computer and found out that my husband was in the neighborhood of his slut of an ex girlfriend on the date in question."
"That's where my dry clea..."
"GUILTY AS CHARGED."

The feature may have been reasonably sane, but the outcry was justified. Apple didn't tell anyone it was there, kept it way longer than necessary, and was not clear about what it was used for. Had they been clear from the beginning it would not be an issue. But their response now is quite sensible.

it's the reason why my wifi only ipad knows exactly where it is just by the wifi access point it's connected to and nearby wifi access points. i thought it was very nice when i opened up the weather channel app for the first time on it and it knew where i was without me putting in a zip code. and it does this whenever i take it with me

Google never said that collection of WiFi hotspots was accidental. That would be a totally absurd lie. They were openly collecting data that was designed from the get go to be publicly accessable. If you find Google Street maps to be evil (as some obviously do), then that would be where the complaint lies. The "accident" part of their excuse was concerning how much data they were collecting when they hit an open WiFi hotspot.

The point of collection the WiFi hotspot data is that WiFi hotspots generall

3. Why is my iPhone logging my location? The iPhone is not logging your location. Rather, it’s maintaining a database of Wi-Fi hotspots and cell towers around your current location, some of which may be located more than one hundred miles away from your iPhone, to help your iPhone rapidly and accurately calculate its location when requested.

That is, it's keeping track of known locations near you so it can give you a quicker estimate of your location. Even sounds like this list of locations is downloaded from apple and not gathered by iOS. Why is this so hard for everyone to understand? This is exactly the kind of thing you want your devices to do. If they didn't have it everyone would be bitching about how long it takes for the phone to find your location.

I know, I know, I expect the internets to not be full of fools and trolls.

No, they're just logging the location of things you go near and the time you passed by them. This is not a location the same way that "314 Evergreen Street, Pigsknuckle, Arkansas at 2:31:14am on April 17, 2011" is not a location because it doesn't specify if you're inside or outside the house.

And then, two sentences later...

iPhone can reduce this time to just a few seconds by using Wi-Fi hotspot and cell tower data to quickly find GPS satellites, and even triangulate its location using just Wi-Fi hotspot and cell tower data when GPS is not available (such as indoors or in basements).

So they're not tracking your location, just the data needed to triangulate your location. Just like the GPS doesn't track your location, since it also only gives the data needed to triangulate your location.

The location data that researchers are seeing on the iPhone is not the past or present location of the iPhone, but rather the locations of Wi-Fi hotspots and cell towers surrounding the iPhoneâ(TM)s location

The data from the GPS is not the location of the receiver, but rather the locations of the satellites surrounding the receiver's location.

Can Apple locate me based on my geo-tagged Wi-Fi hotspot and cell tower data?No. This data is sent to Apple in an anonymous and encrypted form. Apple cannot identify the source of this data.

Using the preceding logic, it probably only contains your iTunes logon, phone number, SSN, DOB and profile information. But since it doesn't contain your name, they can't identify the source of this data. Also, I would guess that they replace all spaces with an underline, rendering it unreadable and thus encrypted.

So they're not tracking your location, just the data needed to triangulate your location. Just like the GPS doesn't track your location, since it also only gives the data needed to triangulate your location.

Incorrect; what they are doing is using the known location of one cell tower, WiFi hotspot, or GPS to make a wild guess as to your current location, then going to Apple's servers and downloading a chunk of data that contains all the known cell towers and WiFi points anywhere within up to 100 miles of the WiFi hotspot/cell tower the device originally saw a signal from. This info is written to the cache.

*IF* an application requests location services, it uses this database to quickly triangulate an approximate current position to help it get a GPS lock extremely quickly (Go read up on GPS - if you have a half-way decent idea of where you are, it makes acquiring a more exact fix much faster - somewhat like turning your TomTom off then back on immediately vs turning it off, flying across the country, then turning it back on... in the latter case it will take a lot longer to get a location). If there is no GPS signal, it can at least give an approximate location to the application that requested it. Location services on iOS allow the app to specify the desired level of accuracy as well as receive the instantaneous accuracy level. If the app only wants to know what zip code you are in the device might not even need to bother turning GPS on - the cache might be enough to get that information.

In any case, all the database tells you is that of the entire list of cell towers and WiFi hotspots in the database for a given time period, you were near *one* of them somewhere vaguely around that time.

No, they're just logging the location of things you go near and the time you passed by them. This is not a location the same way that "314 Evergreen Street, Pigsknuckle, Arkansas at 2:31:14am on April 17, 2011" is not a location because it doesn't specify if you're inside or outside the house.

More like that address just means you were in the city of Pugsknuckle sometime on April 17; you might have been at 314 Evergreen, maybe 325 Evergreen... maybe across town at another address entirely. Maybe you just drove through town on your way to Texas. There is literally no way to know because the chunk of cache you get back can cover a wide area and depends on what the server decides to send you. Two people at the same location at the same time might get different lists back from the server that cover a different geographical area.

Short version: This is no different then looking at a laptop's recently seen WiFi access point list and trying to claim the laptop is tracking you. All it means is that you were within some distance X (depending on conditions) of that access point sometime in the past.

I read it differently. My understanding is that some of that data is not even necessarily towers that you've been near, but towers that are in the vicinity of ones that you're near. So if the phone detects that you're near downtown Whoville, it'll log that, but it'll also pull down information about surrounding towers from the "crowdsourced cache" so that if you wander out a few miles, you'll still have relatively fast geolocation.

So where your own data may be a fine line through the cell network, the

"their own explanation describes that they're storing all the data needed to get your location except the final calculation"

As long as that "final calculation" includes fetching additional information. Maybe you're weak on the concept, but triangulation works like this: take three known points and for each of them measure the distance to an unknown point. That distance measurement allows a circle to be drawn around each known point. The unknown point lies at an intersection of the three circles. Due to limitations in accuracy, this intersection is going to be larger than a point -- and may in fact cover a sizeable region.

Here's the thing: the cache only included the crowd-sourced information, that is the locations for the known points. The "final calculation" involves collecting *additional* data, the distance from those three known points. So, no, the cache does *not* have all the data needed. It is missing the distance calculations. Which only makes sense because it changes constantly -- and is supported by what the third party individuals who have looked into it have found. No need to trust Apple.

"Which is exactly what the researchers did."

Really! Amazing, can you point a link to that because I've read what the researchers (original and others) have said and that is *not* what they did. The application that was written does not magically triangulate past locations (how could it, without distance data), it just displays the locations of towers and hot spots. That you may or may not have been near to at the logged time. Apple says up to 100 miles. Someone who checked his database found even larger discrepancies.

Okay, you read the headlines and never the article. The "purchase" was not recent, the fact that they buy the forensic devices just got brought up again. It isn't a recent phenomena at all and should come as a surprise to no one. (The ACLU's interest isn't that they were purchased, but what and how they are being used for.) Further, "download all your cell phone's data during traffic stops" -- there is no reasonable belief that this is happening, but if it/is/ happening they won't get "all" of *my* cell phone's data. Okay, let's assume for a minute that it was routine to hand over my cell phone at a traffic stop and that they imaged it. All that they get for their trouble is SIM data (problematic) and an encrypted blob. Why? Because my cell phone runs iOS 4 and I have set a password. But don't take my word for it, google iphone forensics, pay attention to iOS4 and read more than the front page or a quick marketing blurb. Or, even better, learn how to image an iPhone and demonstrate to yourself the difference.

Now, I do wish all the data were encrypted, but it isn't (and isn't on any phone I know of) -- but they won't get my email, SMS messages, notes, voice recordings, etc. There is no evidence that cache data is on the unencrypted data store of an otherwise encrypted iPhone.

Lesson 1: if you wish to do *something* to protect sensitive data on an iPhone -- which for most people is much more than geolocation data, and more serious -- then get it to iOS4 and set a passcode, or even better use a password (iOS4 allows that). And set it to wipe after 10 failed attempts. Wish I could set it to 3 (or fewer, even).

Look around the world. In a lot of areas, people are rising up against oppressive governments. In these situation, people are being found by the government based on cell phone location. Imagine what happens when a 'dissenter' gets caught and his phones also has the location of where he has been?That isn't some hypothetical, it stuff that is actually happening. Right now. It may not be happening where you live, but the world is bigger then you.

Um, are you one of those people rising up against oppressive governments? How about the people bringing a class action lawsuit? How about the many blogs screaming about it? No?

Can this data be used in real-time? No. Can it locate you precisely? No. Can an oppressive government that controls the local cell company locate ANY cellphone with greater accuracy and in real time? Yes.

This data is NOT "tracking the phone's location". It is only enough to show you that "this phone was somewhere inside ~100 miles of a given location."

If you're being executed or imprisoned because "your phone says you were within 100 miles of Tahrir Square on a day that protests against the Egyptian government occurred," then they're simply looking for an "official" reason to put on your execution / imprisonment paperwork. Of course, all of this "The iPhone, it TRACKZ JOO" hysteria simply gives people loo

Apparently, I did. Apparently, I ran it on my own data, as well. Apparently, you do not understand the phrase "within 100 miles". Apparently, you also do not understand that the lack of precise location data in the log means that if that's the only evidence against you that leads to your conviction, you're being railroaded and the "iphone log says you were somewhere in the area" is simply a fancy way of dressing up an abuse for political reasons.

Here in the US, availability of cellphone location for civil/criminal actions isn't a good thing either:

1: A DA could easily file a warrant for location info from cell providers to find who was in a park after dark, then go on a mass raid, filing criminal trespass charges on 20-30 people at once in a roundup.

2: People who were at the location of a certain protest can be blacklisted from jobs, or even supermarkets, where they would have to ask friends or go out of town to get basic groceries.